• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Jeanne Boyarsky
  • Ron McLeod
Sheriffs:
  • Paul Clapham
  • Liutauras Vilda
  • Devaka Cooray
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
Bartenders:

wildcard for tomcat-users.xml users

 
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,

I'm curious if it's possible to make some kind of modification to the tomcat-users.xml file that would allow me to provide a generic password for all users of a specific role. For example, instead of creating a new user record for every user with rold="client,user", i'd like to just have one user record for that role.

Essentially, i want to do something to the effect of this:


instead of creating something like this:


Any direction you can provide would be greatly appreciated.

thanks!
 
Sheriff
Posts: 67753
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I wouldn't use tomcat-users.xml for general user management for web apps. Just for access to the manager app and so on for admins.
 
Jaime Acosta
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello Bear,

thanks for the quick response!

yes, in production, we authenticate against a database (i am unfortunately not too familiar with our authentication process), but to avoid having to know the user's password to look at a user's production data, we circumvent that authentication and just supply the user's username and a dummy password in tomcat-users.xml

I was thinking of the possibility of creating a stripped down version of our production application that basically did this circumvention, but didn't require us to add a user's username everytime we wanted to see their account. That is essentially why i wanted to know if there was a way to use a wildcard in the tomcat-users file.

Is this not possible?
 
Bear Bibeault
Sheriff
Posts: 67753
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It is not.
 
Jaime Acosta
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
that's disappointing ;*(

I guess I'll have to start trying to figure out how the authentication works instead...

thank you very much your help
 
Are you here to take over the surface world? Because this tiny ad will stop you!
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic